Re: 4th teleconference minutes

Up to 4th teleconference minutes

Re: 4th teleconference minutes

Posted by Dimitra Liveri at November 24. 2015

16/11/2015

 

Participants

Raj Samani - Intel security, Peter Dickman - Google, Jens Jensen - STFC, Theo Dimitrakos - BT, Fia Ewald - MSB SE, Paul Davies - Verizon, Antonio Ramos - Leet security, Oliver Perault - Orange, Jan Neutze - Microsoft, Dimitra Liveri, Rossen Naydenov, Christina Skouloudi - ENISA

ENISA work on Cloud in 2015

  • Cloud Security in the Finance Sector:  presentations of risks and challenges of cloud deployment in the finance sector, adoption rate in the EU and current practices, recommendations for regulators, finance institutions and European bodies. Report to be published in December
  • Post analysis of Cloud incidents: technical, organisational and legal challenges of conducting analysis of cloud cyber incidents
  • Cloud certification work continues, supporting CCSL and CCSM online
  • Cloud security tool for SME up and running: ENISA would like to add new scenarios. As needed to be clarified this tool is to support the SMEs make an informed decision, it doesn’t include the specificities that would be needed for procurement purposes (analytics attached)

 

Presentation of ENISA work for 2016

  • Cloud security in eHealth: pilot project together with hospitals that have implemented cloud services.
  • Security framework for governmental clouds becoming an online tool. Already running a study to identify the current level of adoption today in the EU.
  • Cyber security exercises will include scenarios on Cloud security and your feedback is valuable. If you would like to share your ideas with the cyber crisis cooperation team please send them an email at : c3@enisa.europa.eu 
  • Secure Cloud 2016 in Dublin 24-25 of May, date still tentative. Currently under prep of the PC of the conference. Suggestion to organise the next face to face of the ENISA Cloud security and resilience WG back to back with the Secure Cloud was widely accepted, hosting offers by Google and BT (thank you). More information to follow in the coming months.

 

Open discussion

  • ENISA will conduct work on the analysis of the market of the NIS products and services in the EU under the digital single market initiative. Idea to include security enablers when measuring NIS products and services in scope.
  • Topic to investigate: Ensuring confidentiality and integrity across multiply assets in the multiple cloud (inter-cloud providers). The idea is to study how to assess the level of assurance and how to do brokerage in case of an incident. What would be the difference when talking about a hybrid environment?
  • Free flow of data and open cloud initiative: activities on the topic from the EC
Powered by Ploneboard